Our client’s headquarters office was hit with ransomware that encrypted dozens of computers, shutting all operations down.
Our client was hit with a debilitating ransomware attack, with malware that encrypted the contents of both user systems and enterprise servers containing critical client and firm data.
iDS was tasked with:
- Identifying the source and timing of the attack
- Isolating the malware, eradicating it from their environment, and restoring systems, applications, and data
- Monitoring operations to ensure that the malware did not resurface
We brought in a team to identify the source of the attack, pinpoint how the malware got in, contain it, and ensure that the scope of the attack was understood. Then we worked to restore systems and get the business back up and running.
iDS was chosen based on our relationship with the client and our deep experience in assisting clients with similar issues.
A project plan was drawn up which included:
- Reviewing logs and forensic data to determine the source and extent of the compromise
- Wiping compromised systems, reinstalling operating systems, and restoring data from known good backups that we had previously worked to create with the firm
- Working with the client to improve defenses against future attacks, including additional user training, network monitoring, and enhanced backup strategies
The iDS cybersecurity team conducted an investigation to identify and isolate the malware, restoring operations and preventing the loss of more than $1.5 million in revenue per day. In addition, we prepared a report that allowed our client to get full reimbursement for our services from their cybersecurity insurance policy.
The highly experienced iDS cybersecurity team quickly responded to the client’s needs and got them back to normal operations in a matter of hours. We saved them from losing millions in potential revenue, assisted with insurance recovery for their costs, and took steps to reduce the likelihood that they would need to deal with the same issue in the future.